The Internet of Things (IoT) is a network of physical objects or “things” embedded with electronics, software, sensors, and network connectivity, which enables these objects to collect and exchange data. The IoT can allow the objects to be sensed and controlled remotely across various network infrastructure, creating opportunities for more direct integration between the physical world and computer-based systems, and can result in improved efficiency, accuracy and economic benefit. Each IoT device can be uniquely identifiable through its embedded computing system and can be able to interoperate within the existing Internet infrastructure.
The IoT devices can have limited processing, memory and power resources, but the ability to network such devices can mean that IoT finds applications in various fields. For example, an IoT device can collect information in settings ranging from natural ecosystems to buildings and factories, thereby finding applications in fields of environmental sensing and urban planning. On the other hand, IoT systems could also be responsible for performing actions, not just sensing things. Intelligent shopping systems, for example, could monitor specific users' purchasing habits in a store by tracking their mobile phones. These users could then be provided with special offers on their favorite products, or even location of items that they need, which their fridge has automatically conveyed to the phone. Additional examples include enabling extended home security features and home automation. Now with IoT, one can control household electrical devices while being away from home.
An IoT device is typically insecure, especially when accessing user data, which can be a cause for security concerns. Most of the IoT devices may not have the means or capabilities for processing and/or storing data securely, e.g., by using complex encryption. In some cases, the IoT devices have been shown to be vulnerable to attackers who have access to the onboard network. Some technologies control sessions of the IoT devices by issuing tokens to the IoT devices. The tokens provide as a means to authenticate the IoT device and allow the IoT device to perform a specified function. However, such tokens may be copied easily and used from some other devices. The tokens can be copied legitimately and reused on other devices. However, the problem with reusing the same token on different devices is that when the token is revoked, all devices having the token would lose access to an application to which the IoT devices are connected.